Under Technologies Inc., dba Rho Technologies, together with its affiliates (collectively "Rho", "we", "us", “our”) places a high priority on the privacy of individuals who visit our website, rho.co (“Site”) and/or who cause the businesses they represent to use our cloud-based hosted services (“you” or “User”) including our banking platform or any of our other websites, networks, applications, mobile applications, or other services provided by us (collectively, the "Rho Service").
When any of these activities occur, your Personal Information may be collected and processed by Rho. This Policy is designed to explain how we collect, use, store, retain, disclose by transmission, disseminate or otherwise make available (collectively “Process”) your Personal Information. Please be aware that the Rho Service is integrated with certain third parties (“Third Party Servicers”) including, but not limited to Webster Bank, N.A., Member FDIC (“Webster”). The privacy policies of these Third Party Servicers will govern their collection, use, disclosure and processing of your Personal Information.
Our Terms of Service Agreement describes in detail why we need, and are sometimes required to, collect Personal Information. This Privacy Policy describes how we use that data, what we do with it and when we may disclose it to other parties. If at any time you have questions about our Privacy Policy, please contact Rho. Capitalized terms that are not defined in these terms and conditions have the definitions provided in the Rho Service Agreement.
If you’re using Rho through your Company pursuant to a Service Agreement between Rho and the Company, Rho will process your Personal Information in accordance with the Service Agreement pursuant to your Company's instructions. In the event of a conflict between this Privacy Policy and the data processing terms of the Service Agreement, the Service Agreement governs.
You are not required by law to provide us with any Personal Information. However, our ability to provide all features on the Site and Rho Service to you may be limited based on the level of Personal Information you provide us.
The Personal Information we may need to collect to provide the Rho Service to you includes your legal name, social security number, home and/or business address, biometric information and government identification (to verify your identity in connection with opening a Rho account) and other identifying information about who you are. In addition to collecting information about your own identity, we also collect certain information about transactions with which you may be involved. We also collect information about the Company. Such information includes but is not limited to the state where the Company is incorporated; documents related to the organization of the Company; financial information about the Company, including real-time financial accounting information provided to and by third parties and linked accounts; credit information about the Company; and any information related to the compliance and/or enforcement with respect to federal and state anti-money laundering and banking laws and regulations.
We, our service providers, and our vendors may also use technologies such as cookies, beacons, and scripts to collect information on how you use the Site or Rho Service, such as your browsing behavior, clicks and cursor movements, web pages visited, searches, text entered in forms and replays of your visit to the Site or Rho Service.
We use Third Party Servicers to access, process, and collect information about the Company’s financial and purchase activity. Any time you link an account, we may receive real-time data and information associated with the linked accounts including account names, transactions (and transaction history), account balances, bank routing numbers, and unique identifiers.
“Personal Information” is any information that can be used to identify you. We may de-identify Personal Information so that it can no longer be used to identify you or your device ("De-Identified Information"). Please note that this Privacy Policy does not apply to De-Identified Information, and we may use and disclose De-Identified Information for any purposes in our discretion.
One of the ways we collect information is directly from you. At the time of account opening, you are required to provide certain information about yourself and the business you are opening the Rho Account for.
We collect this information:(1) in person; (2) through documentation you provide to us; (3) during telephone calls or emails with you or Third Party Servicers; (4) through the access provided to you on our websites and/or applications; (5) in research using Third Party Servicers and (6) in our ongoing communications with you or your business’ employees or associated persons. We may also collect your Personal Information from individuals who are listed as associated with your Rho Account, public sources, or yours or our advisor(s), introducers, referrers, brokers, credit reporting agencies, and other reporting organizations or exchanges that serve the financial services industries.
In other cases, your Personal Information may be provided to Rho indirectly, such as the IP address of the computer or device you use to connect with us online or by a Third Party Servicer from whom you seek to obtain services or are obtaining services.
Rho processes your Personal Information for the following purposes:
Rho will disclose your information in the following ways:
The Rho Service and the purposes for which your Personal Information is processed may cause your Personal Information to be processed and/or stored outside of your country of residence, including the United States. The locations to which your Personal Information is transferred may have different privacy protections than those in your jurisdiction of residence.
By supplying your Personal Information to Rho either directly or indirectly, you consent to your information being transferred across international borders to Rho and its affiliates, Third Party Servicers, and agents. Vendors and other outside contractors we engage are subject to our contractual requirements for safeguarding Personal Information.
At Rho, security is a priority. We use certain physical, organizational, and technical safeguards that are designed to protect Personal Information submitted to us, and we employ appropriate measures, including advanced technology, to protect Personal Information against unauthorized access, disclosure, alteration, or destruction. These measures may include, among others, physical access security, administrative security measures, data encryption, firewalls, and other appropriate technologies. Rho reviews and enhances its security systems as necessary.
Notwithstanding Rho’s efforts, no security measure is perfect or impenetrable and no method of transmission over the internet or electronic storage is 100% secure. Therefore, Rho cannot guarantee complete security of the transmission or storage of your Personal Information. It is important that you maintain the security and control of your account credentials, and not share your password with anyone. We offer our Users two-factor authentication which is designed to protect their account. Please make use of this added protection.
Cookies
Cookies are small data files that are stored in your device memory or on your hard drive when you visit a website. Cookies may be used as a mechanism to recognize you, record behavior, and/or customize your experience with the Site and Rho Service. They can also be used to monitor Site or Rho Service activity, mitigate risk, measure the effectiveness of promotions and prevent potential fraud. If you choose to disable cookies, your use of the Site or the Rho Service may be limited or otherwise affected.
By using the Site and the Rho Service, you agree to the placement of cookies, beacons, and similar technologies in your browser and on emails in accordance with this Policy. The information collected in this manner includes IP address, browser characteristics, device IDs and characteristics, operating system version, language preferences, referring URLs, location data, and information about your usage of the Rho Service.
We may use this information, for example, to ensure that the Rho Service functions properly, to determine how many Users have visited certain pages or opened messages, and to prevent fraud. If you do not want information collected through the use of cookies, please refuse the optional cookies on our Site or consult your browser settings to learn how you can block or disable cookies. If, however, you do not accept cookies, you may experience some inconvenience in your use of the Service.
Analytics
We may use third-party web analytics services (such as those of Google Analytics) on the Site and Rho Service to collect and analyze usage information through cookies and similar tools; engage in auditing, research, or reporting; assist with fraud prevention; and provide certain features to you. To prevent Google Analytics from using your information for analytics, you may install the Google Analytics Opt-out Browser Add-on by clicking here. If you receive an email from us, we may use certain analytics tools, such as clear GIFs to capture data such as when you open our message or click on any links or banners our email contains. This data allows us to gauge the effectiveness of our communications and marketing campaigns.
Online Advertising
We use vendors who collect information through cookies and similar technologies about how individuals browse our Site as well as the web over time to display online advertising that is more tailored to their interests. This is called online targeted advertising. If you are interested in information about targeted advertising and how you can generally control cookies from being put on your computer to deliver tailored advertising, you may visit the Network Advertising Initiative’s Consumer Opt-Out link, the Digital Advertising Alliance’s Consumer Opt-Out link, or Your Online Choices to opt-out of receiving tailored advertising from companies that participate in those programs. To opt out of Google Analytics for display advertising or customize Google display network ads, visit the Google Ads Settings page. We do not control these opt-out links or whether any particular company chooses to participate in these opt-out programs. We are not responsible for any choices you make using these mechanisms or the continued availability or accuracy of these mechanisms. You can also opt out of certain online advertising activities by following the instructions in the "Your Rights and Choices" section below.
Please note that if you exercise the choices above, you may still see advertising when you use the Services, but it will not be tailored to you based on your online behavior over time.
Notice Concerning Do Not Track
Do Not Track (“DNT”) is a privacy preference that users can set in certain web browsers. We are committed to providing you with choices about the information collected on our website for third party purposes, and that is why we provide the variety of opt-out mechanisms listed above. However, we do not currently recognize or respond to browser-initiated DNT signals. To learn more about Do Not Track, you can do so here. Please note that Do Not Track is a different functionality from the legally-required browser-based global privacy control signal discussed below, which Rho does honor in accordance with applicable legal obligations.
Our Website May Be Linked To Other Websites
The Site and Rho Service contain links to third-party websites that are not affiliated with Rho, and may also contain third-party plug-ins. If you choose to use these sites or features, you may disclose your information not just to those third parties, but also to their users and the public more generally depending on how their services function. We are not responsible for the content or practices of those websites or services. The collection, use, and disclosure of your information will be subject to the privacy policies of the third-party websites or services, and not this Privacy Policy. We urge you to read the privacy and security policies of these third parties.
General Information Rights
Depending on your jurisdiction of residence, and subject to applicable legal exceptions, you may be able to ask us to:
If you request these rights, we will need to verify your identity and may need to verify your relationship with us (for example, if you’re an administrator of a Rho Account and you’re making a request on behalf of another individual) for security and to prevent fraud.
To exercise these rights, please access the consent preferences at the bottom of our Cookie’s Page.
Please note, however, that certain information may be exempt from such requests in some circumstances, which may include if we need to keep processing your information for our legitimate interests or to comply with a legal obligation. Depending on applicable law, you may have the right to appeal our decision to deny your request. If we deny your request, we will provide you with information on how to appeal the decision, if applicable, in our communications with you.
Notice of Right to Opt Out of Sales of Personal Information and Sharing/Processing of Personal Information for Targeted Advertising Purposes
As explained in detail in the "Cookies, Analytics, and Online Advertising" section above, we allow third-party vendors to collect information from your device and online browsing activities for online targeted advertising purposes, so that we can provide you with more relevant and tailored ads regarding the Rho Service. The disclosure of your information to these third parties to assist us in providing these services may be considered a “sale” of Personal Information under applicable law or the processing/sharing of Personal Information for targeted advertising purposes.
If you would like to opt out of our online disclosure such as through cookie and pixel technology of your Personal Information for purposes that could be considered “sales” for those third parties' own commercial purposes, or “sharing” for purposes of targeted advertising, please click here.
Please note that if you have a legally-recognized browser-based opt out preference signal turned on via your device browser, we recognize such preference in accordance with applicable law.
If you are a California resident, the California Consumer Privacy Act (“CCPA”) requires us to provide you with the following additional information about: (1) the purpose for which we use each category of Personal Information we collect; and (2) the categories of third parties to which we (a) disclose such Personal Information for a business purpose, (b) “share” Personal Information for “cross-context behavioral advertising,” and/or (c) “sell” such Personal Information. Under the CCPA, “sharing” is defined as the targeting of advertising to a consumer based on that consumer’s Personal Information obtained from the consumer’s activity across websites, and “selling” is defined as the disclosure of Personal Information to third parties in exchange for monetary or other valuable consideration. Our use of third-party analytics services and online advertising services, may result in the disclosure of online identifiers (e.g., cookie data, IP addresses, device identifiers, and usage information) in a way that may be considered a “sale” or "sharing" under the CCPA.
The following chart details these activities:
For more information about each category of personal information, purpose of use, and third parties to which we disclose personal information, please see the "Information We Collect," "How We Use Your Information," and "Disclosure of Your Information" sections of our Privacy Policy.
Your Choices Regarding “Sharing” and “Selling”: You have the right to opt out of our sale/sharing of your personal information for purposes of online advertising and related activities by clicking here.
Other CCPA Rights. If we ever offer any financial incentives in exchange for your personal information, we will provide you with appropriate information about such incentives.
The CCPA also allows you to limit the use or disclosure of your “sensitive personal information” (as defined in the CCPA) if your sensitive personal information is used for certain purposes. Please note that we do not use or disclose sensitive personal information other than for business purposes for which you cannot opt out under the CCPA.
Please see the “Your Privacy Rights” section of our Privacy Policy above for information about the additional rights you have with respect to your personal information under California law and how to exercise them.
California “Shine the Light” disclosure. The California “Shine the Light” law gives residents of California the right under certain circumstances to opt out of the disclosure of certain categories of personal information (as defined in the Shine the Light law) with third parties for their direct marketing purposes, or in the alternative, that we provide a cost-free means for consumers to opt out of any such disclosure. We do not currently disclose your personal information to third parties for their own direct marketing purposes.
This Biometric Information and Retention Policy applies to any individuals about whom we have collected biometric data in connection with our identity verification features and services. “Biometric information” includes “biometric identifiers” and “biometric information” as defined under applicable federal, state, and local laws governing the collection and processing of biometric information.
When you apply for a Rho account, we may ask you to submit (or we may ask your permission to take) a photo of you and an image or photo of your government-issued ID (e.g., your driver’s license, state identification card, or passport). We, and our service providers who assist us under contract in performing the identity verification procedures, may use facial recognition technologies to match your photo to your government-issued ID. Facial recognition technology involves the processing of biometric information about the unique features of your facial geography to perform the verification.
We and our service providers will only use your biometric information to provide the Rho Service. It is our policy to protect, use, transmit, and store, and destroy your biometric information in accordance with applicable laws and by using appropriate technical and organizational measures that are the same as or more protective than the manner in which we protect, use, transmit and store other confidential and sensitive information. We will only disclose your biometric information to other entities with your consent, or where required by applicable law, including in response to legal process (such as a subpoena or warrant).
We and our service providers will retain your biometric information only until the first of the following occurs:
Following this timeframe, we and our service providers will delete and permanently destroy your biometric information.
The Rho Service is intended for business use only and is not directed at persons under the age of 13. If you are a parent or guardian and believe we may have collected information about a person under the age of 13, please contact us at the email address or phone number set out at the beginning of this Policy. If we determine that we have inadvertently collected Personal Information from a person under the age of 13, we will promptly delete such information from our records to the extent permitted by applicable law.
We keep your information for no longer than necessary for the purposes for which it is processed. The length of time for which we retain information depends on the purposes for which we collected and use it and/or as required to comply with applicable laws.
The "Last Updated" date at the top of this page indicates when this Policy was last revised. From time to time, Rho may make changes to this Policy, so we encourage you to check back and review it regularly to ensure you are aware of current practices. Changes will be communicated through the Website or through your Rho Service account. If the amendment or revision is required in order for Rho and the Rho Service to remain in compliance with applicable laws or regulations, then the amendment or revision shall take effect as of when it is posted to the Website or your Rho Service account. If, on the other hand, the amendment or revision is not required under law, and you do not close your Rho Service account within thirty (30) days of notice of the amendment or revision on the Website or in your account, then you shall be deemed to have accepted the amendment or revision. If you disagree with the changes, you must stop your use of the Rho Service and discontinue use of our Website. Your continued use of the Rho Service and/or the Website following the effective date of any change, constitutes your consent to any modification to this Policy.
If you have any questions about this Policy, or you want to make a complaint regarding any breach of your privacy by us, or you want to correct or update your Personal Information in our possession, you may contact us by email at clientservice@rho.co.